CVE-2011-4944: Race Condition
First published: Wed Nov 30 2011(Updated: )
It was reported [1] that distutils would create ~/.pypirc insecurely. There is a race from the time the user's username and password is written to the file to when it is chmod'd with appropriate permissions. Typically, a user's home directory will be created with default 0700 permissions which would not allow for a local attacker to obtain access to this file during the race window, however if a user were to make their home directory 0755 they could be susceptible to this race. One solution would be to use tempfile.mkstemp() to create the file and then move it in place. [1] <a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Python Python | =3.1 | |
| Python Python | =3.1.1 | |
| Python Python | =3.0 | |
| Python Python | =2.6.6 | |
| Python Python | =3.0.1 | |
| Python Python | =2.7.1150 | |
| Python Python | =2.6.1 | |
| Python Python | =3.1.5 | |
| Python Python | =2.6.3 | |
| Python Python | =2.6.2150 | |
| Python Python | =2.7.1 | |
| Python Python | =3.1.2150 | |
| Python Python | =3.1.2 | |
| Python Python | =2.7.1150 | |
| Python Python | =2.6.8 | |
| Python Python | =2.6.7 | |
| Python Python | =2.7.3 | |
| Python Python | =2.7.1-rc1 | |
| Python Python | =2.6.4 | |
| Python Python | =2.7.2-rc1 | |
| Python Python | =2.6.6150 | |
| Python Python | =3.2 | |
| Python Python | =2.6.2 | |
| Python Python | =2.7.2150 | |
| Python Python | =3.2-alpha | |
| Python Python | =2.6.5 | |
| Python Python | =3.1.3 | |
| Python Python | =3.1.4 | |
| debian/python2.7 | 2.7.18-8+deb11u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2012/03/27/10
- http://www.openwall.com/lists/oss-security/2012/03/27/2
- https://bugzilla.redhat.com/show_bug.cgi?id=758905
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555
- http://bugs.python.org/issue13512
- http://bugs.python.org/file23824/pypirc-secure.diff
- http://www.openwall.com/lists/oss-security/2012/03/27/5
- http://www.ubuntu.com/usn/USN-1596-1
- http://www.ubuntu.com/usn/USN-1613-2
- http://www.ubuntu.com/usn/USN-1613-1
- http://www.ubuntu.com/usn/USN-1592-1
- http://www.ubuntu.com/usn/USN-1615-1
- http://secunia.com/advisories/51089
- http://secunia.com/advisories/51040
- http://secunia.com/advisories/50858
- http://www.ubuntu.com/usn/USN-1616-1
- http://secunia.com/advisories/51087
- http://secunia.com/advisories/51024
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
- https://launchpad.net/bugs/cve/CVE-2011-4944
- https://access.redhat.com/security/updates/classification/
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=573152&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=573152&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=808303
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=808304
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=808305
- https://rhn.redhat.com/errata/RHSA-2012-0744.html
- https://rhn.redhat.com/errata/RHSA-2012-0745.html
- https://security-tracker.debian.org/tracker/CVE-2011-4944
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944
- https://nvd.nist.gov/vuln/detail/CVE-2011-4944
- https://ubuntu.com/security/CVE-2011-4944
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-4944
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/usn-cve
- source/Ubuntu
- vendor/python
- canonical/python python
- version/python python/3.1
- version/python python/3.1.1
- version/python python/3.0
- version/python python/2.6.6
- version/python python/3.0.1
- version/python python/2.7.1150
- version/python python/2.6.1
- version/python python/3.1.5
- version/python python/2.6.3
- version/python python/2.6.2150
- version/python python/2.7.1
- version/python python/3.1.2150
- version/python python/3.1.2
- version/python python/2.6.8
- version/python python/2.6.7
- version/python python/2.7.3
- version/python python/2.7.1-rc1
- version/python python/2.6.4
- version/python python/2.7.2-rc1
- version/python python/2.6.6150
- version/python python/3.2
- version/python python/2.6.2
- version/python python/2.7.2150
- version/python python/3.2-alpha
- version/python python/2.6.5
- version/python python/3.1.3
- version/python python/3.1.4
- package-manager/debian